Apologies if I am asking a dumb question or if this is something that has already been answered before.
I am trying to deploy LTB 0.8 to change user's passwords against Oracle Directory Server 11g. My password policy requires that users must change their passwords after a reset. As a result of that, if I try to change a user password through sending password reset link, the password operation succeeds, but since the user's "passwordExpirationTime" field is set to "19700101000000Z", I am forced to set a new password again to be able to bind to the directory. Here is what I get when the password has been reset using the reset link: [02/Jun/2014:14:50:10 -0400] conn=127217 op=-1 msgId=-1 - fd=41 slot=41 LDAP connection from 127.0.0.1:34025 to 127.0.0.1 [02/Jun/2014:14:50:10 -0400] conn=127217 op=0 msgId=1 - BIND dn="uid=qsfshmx,ou=people,dc=fg,dc=rbccm,dc=com" method=128 version=3 [02/Jun/2014:14:50:10 -0400] conn=127217 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=qsfshmx,ou=people,dc=fg,dc=rbccm,dc=com" [02/Jun/2014:14:50:10 -0400] conn=127217 op=1 msgId=2 - SRCH base="ou=people,dc=fg,dc=rbccm,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL [02/Jun/2014:14:50:10 -0400] conn=127217 op=1 msgId=2 - RESULT err=53 tag=101 nentries=0 etime=0, Password was reset and must be changed. [02/Jun/2014:14:50:10 -0400] conn=127217 op=2 msgId=3 - UNBIND [02/Jun/2014:14:50:10 -0400] conn=127217 op=2 msgId=-1 - closing from 127.0.0.1:34025 - U1 - Connection closed by unbind client - [02/Jun/2014:14:50:10 -0400] conn=127217 op=-1 msgId=-1 - closed. Here is the way my password policy looks: dn: cn=Password Policy,cn=config objectClass: top objectClass: ldapsubentry objectClass: pwdPolicy objectClass: sunPwdPolicy objectClass: passwordPolicy cn: Password Policy pwdAttribute: userPassword passwordStorageScheme: SSHA passwordChange: on pwdAllowUserChange: TRUE pwdSafeModify: FALSE passwordRootdnMayBypassModsChecks: off passwordNonRootMayResetUserpwd: on passwordInHistory: 13 pwdInHistory: 13 passwordMinAge: 604800 pwdMinAge: 604800 passwordCheckSyntax: on pwdCheckQuality: 2 passwordMinLength: 6 pwdMinLength: 6 passwordMustChange: on pwdMustChange: TRUE passwordExp: on passwordMaxAge: 8640000 pwdMaxAge: 8640000 passwordWarning: 1209600 pwdExpireWarning: 1209600 passwordExpireWithoutWarning: off pwdGraceAuthNLimit: 0 pwdKeepLastAuthTime: FALSE passwordLockout: on pwdLockout: TRUE passwordMaxFailure: 5 pwdMaxFailure: 5 passwordResetFailureCount: 60 pwdFailureCountInterval: 60 pwdIsLockoutPrioritized: TRUE passwordUnlock: on passwordLockoutDuration: 60 pwdLockoutDuration: 60 Is there any way to make LTB work with my password policy? Thanks in advance for your help. Aliep _______________________________________________________________________ This email may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this email or the information it contains by other than an intended recipient is unauthorized. If you received this email in error, please advise the sender (by return email or otherwise) immediately. You have consented to receive the attached electronically at the above-noted email address; please retain a copy of this confirmation for future reference. Ce courriel est confidentiel et protégé. L'expéditeur ne renonce pas aux droits et obligations qui s'y rapportent. Toute diffusion, utilisation ou copie de ce courriel ou des renseignements qu'il contient par une personne autre que le (les) destinataire(s) désigné(s) est interdite. Si vous recevez ce courriel par erreur, veuillez en aviser l'expéditeur immédiatement, par retour de courriel ou par un autre moyen. Vous avez accepté de recevoir le(s) document(s) ci-joint(s) par voie électronique à l'adresse courriel indiquée ci-dessus; veuillez conserver une copie de cette confirmation pour les fins de reference future.
_______________________________________________ ltb-users mailing list ltb-users@lists.ltb-project.org http://lists.ltb-project.org/listinfo/ltb-users
